<!--

    Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved.
    Portions Copyright &#169; [2017-2020] Payara Foundation and/or affiliates.

    This program and the accompanying materials are made available under the
    terms of the Eclipse Public License v. 2.0, which is available at
    http://www.eclipse.org/legal/epl-2.0.

    This Source Code may also be made available under the following Secondary
    Licenses when the conditions for such availability set forth in the
    Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
    version 2 with the GNU Classpath Exception, which is available at
    https://www.gnu.org/software/classpath/license.html.

    SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0

-->
<!-- Portions Copyright [2019] [Payara Foundation and/or its affiliates] -->

<p><a id="ref-messagesecurityproviderconfignew" name="ref-messagesecurityproviderconfignew"></a><a id="GHCOM00122" name="GHCOM00122"></a></p>

<h4><a id="sthref230" name="sthref230"></a>New Provider Configuration</h4>
<a name="BEGIN" id="BEGIN"></a>
<p>Use the New Provider Configuration page to create a new message security provider configuration.</p>
<p>The New Provider Configuration page contains the following options.</p>
<dl>
<dt>Configuration Name</dt>
<dd>
<p>The name of the configuration to which the settings on this page apply. This field is read only.</p>
</dd>
<dt>Provider ID</dt>
<dd>
<p>The name of the message security provider.</p>
</dd>
<dt>Default Provider</dt>
<dd>
<p>If this option is selected, this provider is the default provider. The default provider will be invoked for any application that does not identify a specific provider. Whether the provider is the default client provider, the default server provider, or both is determined by the Provider Type.</p>
</dd>
<dt>Provider Type</dt>
<dd>
<p>Specifies the type of the provider. Available choices are:</p>
<dl>
<dt><code>client</code></dt>
<dd>
<p>Specifies that the provider is the client authentication provider.</p>
</dd>
<dt><code>server</code></dt>
<dd>
<p>Specifies that the provider is the server authentication provider.</p>
</dd>
<dt><code>client-server</code></dt>
<dd>
<p>Specifies that the provider is both a client and a server authentication provider.</p>
</dd>
</dl>
</dd>
<dt>Class Name</dt>
<dd>
<p>The name of the Java implementation class of the provider. Client authentication providers must implement the <code>com.sun.enterprise.security.jauth.ClientAuthModule</code> interface. Server-side providers must implement the <code>com.sun.enterprise.security.jauth.ServerAuthModule</code> interface. Client-server providers must implement both interfaces.</p>
</dd>
<dt>Authenticate Source (for Request Policy)</dt>
<dd>
<p>The type of required authentication for the request policy. The request policy determines the request processing that the authentication provider performs. The request policy fields are optional, but if they are not specified, the authentication provider does not authenticate request messages.</p>
<p>Select <code>sender</code> to specify message-layer sender authentication (for example, username and password) of request messages. Select <code>content</code> to specify content authentication (for example, digital signature) of request messages. Leave the field empty to not authenticate the source of requests. By default, no authentication type is selected.</p>
</dd>
<dt>Authenticate Recipient (for Request Policy)</dt>
<dd>
<p>Specifies whether recipient authentication occurs before or after content authentication for the request policy.</p>
<p>Select <code>before-content</code> or <code>after-content</code> to require message-layer authentication of the receiver of the request message to its sender (by XML encryption). If the value is not specified, the default is <code>after-content</code>. Policies are expressed in message sender order, so <code>after-content</code> means that the message receiver decrypts the message before validating the signature.</p>
</dd>
<dt>Authenticate Source (for Response Policy)</dt>
<dd>
<p>The type of required authentication for the response policy. The response policy determines the response processing that the authentication provider performs. The response policy fields are optional, but if they are not specified, no authentication is applied to response messages.</p>
<p>Select <code>sender</code> to specify message-layer sender authentication (for example, username password) of response messages. Select <code>content</code> to specify content authentication (for example, digital signature) of response messages. Leave the field empty to not authenticate response sources. By default, no authentication type is selected.</p>
</dd>
<dt>Authenticate Recipient (for Response Policy)</dt>
<dd>
<p>Specifies whether recipient authentication occurs before or after content authentication for the response policy.</p>
<p>Select <code>before-content</code> or <code>after-content</code> to define a requirement for message-layer authentication of the receiver of the response message to its sender (by XML encryption). If the value is not specified, the default is <code>after-content</code>. Policies are expressed in message sender order, so <code>after-content</code> means that the message receiver decrypts the message before validating the signature.</p>
</dd>
<dt>Additional Properties</dt>
<dd>
<p>Additional properties for the message security provider configuration.</p>
</dd>
</dl>
<a id="GHCOM465" name="GHCOM465"></a>
<h5>Related Tasks</h5>
<ul>
<li>
<p><a href="task-configmsgsecproviders.html">To Configure Payara Server Facilities for Use by Message Security Providers</a></p>
</li>
<li>
<p><a href="task-messagesecurityconfignew.html">To Create a Message Security Configuration</a></p>
</li>
<li>
<p><a href="task-messagesecurityconfigedit.html">To Edit a Message Security Configuration</a></p>
</li>
<li>
<p><a href="task-messagesecurityconfigdelete.html">To Delete a Message Security Configuration</a></p>
</li>
<li>
<p><a href="task-messagesecurityproviderconfignew.html">To Create a Message Security Provider Configuration</a></p>
</li>
<li>
<p><a href="task-messagesecurityproviderconfigedit.html">To Edit a Message Security Provider Configuration</a></p>
</li>
<li>
<p><a href="task-messagesecurityproviderconfigdelete.html">To Delete a Message Security Provider Configuration</a></p>
</li>
<li>
<p><a href="task-enablemesec4appclients.html">To Enable Message Security for Application Clients</a></p>
</li>
</ul>
<a id="GHCOM466" name="GHCOM466"></a>
<h5>Related asadmin Commands</h5>
<ul>
<li>
<p><a href="/resource/reference/en/help/reference/create-message-security-provider"><code>create-message-security-provider</code>(1)</a></p>
</li>
<li>
<p><a href="/resource/reference/en/help/reference/list-message-security-providers"><code>list-message-security-providers</code>(1)</a></p>
</li>
<li>
<p><a href="/resource/reference/en/help/reference/delete-message-security-provider"><code>delete-message-security-provider</code>(1)</a></p>
</li>
</ul>


<small>Copyright &#169; 2005, 2017, Oracle and/or its affiliates. All rights reserved. <a href="docinfo.html">Legal Notices</a></small>
<small>Portions Copyright &#169; [2017-2020] Payara Foundation and/or affiliates.</small>
